Linux Security: Auditing, Hardening and Compliance

How to secure Linux systems – Auditing, Hardening and Security

How to secure Linux systems

Within this article we have a look on how to secure a Linux system. Focus of the article is providing tips regarding auditing, hardening and general security of Linux servers.

Hardening

Focus on minimizing

By minimizing the footprint of the server, its data and users, we can more quickly determine if a system is running properly. Also risks will be reduced, as every part on a system might be something which can be sooner or later introduce a vulnerability.

Focus areas:

Remove unneeded software

Disable and remove old accounts

Application security

Most software has to be configured. Usually it’s this same configuration which introduces weaknesses, simply due to lack of time or the right knowledge of the software.

Focus areas:

Harden network services

Read application documentation for security measures

Security

System availability

Most systems have the goal to delivery value to business processes. One of the main pillars within information security is the availability of a system.

Focus areas:

Create regular backups (test restores)

Implement system monitoring

Upgrade and update

On a daily basis new software updates are released, to solve bugs, improve stability or patch a security issue. Continuous auditing helps in determining weaknesses on your systems, including missing security patches.

Focus areas:

Perform regular software updates

Upgrade the OS in time, before the official support is ended.

Auditing

Perform automated audits

Screenshot of a Linux server security audit performed with Lynis.

Almost every system administrator is overwhelmed with the amount of work and activities. While this puts them under some stress, it will also increase the risk that “less important” things like installing patches are forgotten. Cleaning up a system after intrusion, or having to install it (again) is usually a waste of time. Therefore we suggest to move from reactive mode to be more proactive. Implement continuous audits, automate controls and use best practices. To secure a Linux system and keep it secure, focus on the right combination of hardening and auditing. This magic combination will be a powerful tool against evildoers.